| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat Feb 25 19:52:32 2006 From: bart2k at hushmail.com (bart2k@...hmail.com) Subject: fun of openoffice Sleep on it, maybe the creative part of your mind is tired today. cute catch alert7 :) On Sat, 25 Feb 2006 09:39:05 -0600 Joachim Schipper <j.schipper@...h.uu.nl> wrote: >On Sat, Feb 25, 2006 at 11:29:28PM +0800, alert7@...cus.org wrote: >> find a fun of openoffice 1.9.104 >> >> [alert7@FC4 ~]$ touch ..\\..\\..\\etc\\passwd >> [alert7@FC4 ~]$ cat ..\\..\\..\\etc\\passwd >> [alert7@FC4 ~]$ ooffice ..\\..\\..\\etc\\passwd >> /etc/passwd will be open. >> >> fun bug :) > >If you want to call it a bug at all, it should be reported to the >OO.o >developers. It's not like it can be used for anything interesting >at >all, can it? And I don't see how it is a problem, either. > > Joachim >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/ Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485
Powered by blists - more mailing lists